Enforce security constraints on SAML AuthnStatement attributes

Details

Description

This task is to enforce security constraints on SAML AuthnStatement attributes. Namely, make sure that an AuthnInstant isn't in the future, that the SessionNotOnOrAfter is not stale, and that the SubjectLocality IP address is valid.